package net.xdclass.rbac_shiro.config;

import net.xdclass.rbac_shiro.domain.Permission;
import net.xdclass.rbac_shiro.domain.Role;
import net.xdclass.rbac_shiro.domain.User;
import net.xdclass.rbac_shiro.service.UserService;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.ArrayList;
import java.util.List;

/**
 * Created whit IntelliJ IDEA
 * User:杨骏杰
 * Date:2021/2/15
 * Time:20:20
 * 自定义realm
 */
public class CustomRealm extends AuthorizingRealm {

    @Autowired
    private UserService userService;

    /**
     * 进行权限校验的时候会调用
     * 权限校验
     * @param principals
     * @return
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        System.out.println("授权 doGetAuthorizationInfo");

        //从principals中得到用户名
        User newUser = (User) principals.getPrimaryPrincipal();

        //得到用户权限和角色
        User user = userService.findAllUserInfoByUserName(newUser.getUsername());

        //把角色和权限都放入到list集合中去，因为一个用户会有很多角色和权限
        List<String> stringRoleList = new ArrayList<>();
        List<String> stringPermissionsList = new ArrayList<>();

        List<Role> roleList = user.getRoleList();

        //遍历role把role中的值传输到角色和权限中
        for(Role role : roleList){
            stringRoleList.add(role.getName());

            List<Permission> permissionList = role.getPermissionList();

            for(Permission permission : permissionList){
                if(permission!=null){
                    stringPermissionsList.add(permission.getName());
                }
            }
        }

        //授权使用
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        //权限授权
        simpleAuthorizationInfo.addRoles(stringRoleList);
        //角色授权
        simpleAuthorizationInfo.addStringPermissions(stringPermissionsList);

        //然后返回到该用户的权限和角色信息中
        return simpleAuthorizationInfo;
    }

    /**
     * 用户认证登陆的时候会调用
     * 登陆接口
     * @param token
     * @return
     * @throws AuthenticationException
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        System.out.println("认证 doGetAuthenticationInfo");

        //从token中获取的用户名，token代表用户输入的信息
        String username = (String) token.getPrincipal();

        //从userService中得到用户的全部信息，包括权限，角色
        User user = userService.findAllUserInfoByUserName(username);

        //从user对象得到密码
        String pwd = user.getPassword();
        //初步判断
        if(pwd ==null || pwd.equals("")){
            return null;
        }
        //然后返回到该用户的认证信息中
        //如果使用redis+shiro插件，需要传入user对象
        //return new SimpleAuthenticationInfo(username,user.getPassword(),this.getClass().getName());
        return new SimpleAuthenticationInfo(user,user.getPassword(),this.getClass().getName());
    }
}
